package com.dys.hejiayuncommunity.framework.security.service;

import com.dys.hejiayuncommunity.common.utils.ServletUtils;
import com.dys.hejiayuncommunity.system.domain.LoginUser;
import com.dys.hejiayuncommunity.system.domain.SysRole;
import com.dys.hejiayuncommunity.system.service.TokenService;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import java.util.Objects;
import java.util.Set;

/**
 * @Author: 疾风
 * @ClassName: PermsExpressionService
 * @Description: 自定义权限校验
 * @CreateDate: 2024/12/24
 * @Version: v1.0.0
 */
@Component("pe")
public class PermsExpressionService {

    /**
     * 权限标识
     */
    private static final String ALL_PERMISSION = "*:*:*";

    /**
     * 分隔符
     */
    private static final String DELIMITERS = ",";

    @Autowired
    private TokenService tokenService;

    /**
     * 验证用户是否具备某一项权限
     *
     * @param permission 权限字符串
     * @return true: 拥有权限,false: 没有权限
     */
    public boolean hasPerms(String permission) {
        if (StringUtils.isEmpty(permission)) {
            return false;
        }
        // 获取用户信息
        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());

        if (Objects.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
            return false;
        }

        return hasPermissions(loginUser.getPermissions(), permission);
    }

    /**
     * 判断是否包含该权限
     *
     * @param permissions 权限列表
     * @param permission  权限字符串
     * @return true: 包含, false: 不包含
     */
    private boolean hasPermissions(Set<String> permissions, String permission) {
        return permissions.contains(ALL_PERMISSION) || permissions.contains(permission);
    }

    /**
     * 验证用户是否具有以下 任意一个权限
     *
     * @param permissions 权限字符串
     * @return true: 有, false: 没有
     */
    public boolean hasAnyPerms(String permissions) {
        if (StringUtils.isEmpty(permissions)) {
            return false;
        }
        // 获取用户信息
        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());

        if (Objects.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
            return false;
        }
        // 获取权限信息
        Set<String> authorities = loginUser.getPermissions();
        for (String permission : permissions.split(DELIMITERS)) {
            if (permission != null && hasPermissions(authorities, permission)) {
                return true;
            }
        }
        return false;
    }

    /**
     * 判断用户是否拥有某个角色
     *
     * @param role 角色字符串
     * @return true: 有, false: 没有
     */
    public boolean hasRole(String role) {
        if (StringUtils.isEmpty(role)) {
            return false;
        }

        // 获取用户信息
        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());

        if (Objects.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getSysUser().getRoles())) {
            return false;
        }

        for (SysRole sysRole : loginUser.getSysUser().getRoles()) {
            String roleKey = sysRole.getRoleKey();
            if ("admin".equals(roleKey) || roleKey.equals(roleKey)) {
                return true;
            }
        }
        return false;
    }

    /**
     * 判断用户是否具有以下任意一个角色
     *
     * @param roles 角色字符串,多个角色用逗号分隔
     * @return true: 有, false: 没有
     */
    public boolean hasAnyRole(String roles) {
        if (StringUtils.isEmpty(roles)) {
            return false;
        }

        // 获取登录用户信息
        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());

        if (Objects.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getSysUser().getRoles())) {
            return false;
        }

        for (String role : roles.split(DELIMITERS)) {
            if (hasRole(role)) {
                return true;
            }
        }
        return false;
    }
}
